Skip to content
Permalink
Browse files Browse the repository at this point in the history
Update trigger_login.php to prevent SQL injection
  • Loading branch information
Danny Cheok committed Sep 8, 2014
1 parent fb4b9c9 commit fe85100
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions Upload/plugins/gimmie/trigger_login.php
Expand Up @@ -2,7 +2,7 @@
require_once(DIR . '/plugins/gimmie/functions.php');
require_once(DIR . '/plugins/gimmie/OAuth.php');

$usersql = $vbulletin->db->query_read("SELECT `userid`, `username`, `email` FROM " . TABLE_PREFIX . "user WHERE `userid` = '" . $vbulletin->userinfo['userid'] . "'");
$usersql = $vbulletin->db->query_read("SELECT `userid`, `username`, `email` FROM " . TABLE_PREFIX . "user WHERE `userid` = " . $vbulletin->db->escape_string($vbulletin->userinfo['userid']));

$user = $vbulletin->db->fetch_array($usersql);

Expand All @@ -29,4 +29,4 @@

}

?>
?>

0 comments on commit fe85100

Please sign in to comment.